diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..aa53ed9
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,9 @@
+MIFARE_APP_MASTER_KEY="7b195adb892073c9e34ebe7e0ca28b2b"
+# 16 bytes AES key
+MIFARE_ACL_READ_BASE_KEY="741a50f2b189cc9f151e0600f50a6e1a"
+# 16 bytes AES key
+MIFARE_ACL_WRITE_BASE_KEY="f1aa99f81cca268de98d422ee0ccb65c"
+# 16 bytes AES key
+SECRET_KEY="8b14d0b447bff7efa24d5019cc59a999786e31f6f865173bbd642bf18de5ad85"
+#Key for oauth
+#THESE ARE TESTING KEYS - DO NOT USE IN PROD
\ No newline at end of file
diff --git a/app/services/auth.py b/app/services/auth.py
index ba73e69..8515191 100644
--- a/app/services/auth.py
+++ b/app/services/auth.py
@@ -10,9 +10,12 @@ import jwt
 from jwt.exceptions import InvalidTokenError
 from ..model.models import UserDB, Token, TokenData, UserCreate
 from ..services.database import *
-import secrets, string
+import secrets, string, os
 
-SECRET_KEY = "8b14d0b447bff7efa24d5019cc59a999786e31f6f865173bbd642bf18de5ad85" #Encrypt and change later or store in env file or somehthing
+from dotenv import load_dotenv
+
+load_dotenv()
+SECRET_KEY = os.getenv("SECRET_KEY")
 ALGORITHM = "HS256"
 ACCESS_TOKEN_EXPIRE_MINUTES = 120